Rotating Secrets

What You Will Learn

How to rotate secrets safely
Both Vault and SOPS workflows

This page is a placeholder. Full content will be written after tone/depth review of priority chapters.

Planned Content

When to rotate: scheduled, after a breach, employee departure
Vault rotation: update secret, trigger ExternalSecret sync
SOPS rotation: decrypt, update, re-encrypt
Verifying the rotation worked
Communicating with affected clients

Key Takeaways

Secret rotation is a regular maintenance task
Always verify apps still work after rotation

What Is Next

Next up: kubectl Cheat Sheet (Chapter 12) where you will find your quick reference guide.

What Is Junovy

What You Will Be Doing

How This Book Works

The Junovy Glossary

What Is a Container

Containers vs Virtual Machines

Docker in Five Minutes

Container Images and Registries

What Is Kubernetes

Pods and Deployments

Services and Ingress

Namespaces

Secrets and ConfigMaps

What Is GitOps

How Flux Works

Kustomize Explained

The Reconciliation Loop

The Monorepo

The Flux Repo Structure

Profiles and Layers

The Cluster and Network

The Tenant System

Terminal and Shell Setup

Git Basics for GitOps

kubectl Essentials

Flux CLI Essentials

VPN and Cluster Access

Why Secrets Matter

SOPS Encryption

HashiCorp Vault

External Secrets Operator

Checking Cluster Health

Reading Logs

Prometheus and Grafana

Common Problems and Fixes

Project Overview

Export and Containerize

Create the Tenant

Write the Kustomize Patches

Deploy and Verify

Project Overview

Plan the Tenant

Create the Tenant from Scratch

Deploy Apps for the Faeries

Verify and Handoff

Updating an App Version

Adding a New Client

Debugging a Failed Deployment

Rotating Secrets

kubectl Cheat Sheet

Flux Cheat Sheet

Junovy Naming Conventions

Useful Links and Bookmarks

Rotating Secrets

What You Will Learn

Planned Content

Key Takeaways

What Is Next